Inside CTO/CIO - February 21st, 2019 |

Inside CTO/CIO (Feb 21st, 2019)

Polycom botnet alert, Britain Huawei worries, Google to acquire Alooma

Subscribe to Inside CTO/CIO

New blank template
Subscribe | View in browser

1. Security researchers have discovered four IoT botnets currently attacking business video conferencing systems. Chances are high there is an internet-connected Polycom product in your offices; Polycom HDX are also commonly deployed inside corporate networks. These botnets infect the devices to scan and infect further company systems, and are based on the Mirai botnet. In an advisory released today (a living document subject to updates) Polycom warns customers to update these endpoints immediately to version 3.1.13. --CSO ONLINE

2. Today Britain said Huawei hasn't fixed its security vulnerabilities and isn't safe for government use. The comments from Ciaran Martin, head of Britain’s National Cyber Security Centre (NCSC), show a reversal from earlier this week when officials said they could handle any Huawei problems. Chinese national security threats and its telecom giants are being leveraged in the US-China trade war under a looming March 1 negotiation deadline. An executive order banning Chinese telecom equipment from US wireless networks is expected before the end of this month. Rural carriers are saying they'll resist any ban. --THE REGISTER

3. Google announced it will acquire enterprise data pipeline company Alooma. Google joins AWS and Microsoft in buying cloud migration tool startups. Alooma specializes in moving date from multiple sources into one data warehouse, and Alooma's suite will certainly ease customer migrations to Google Cloud Platform. The deal awaits regulatory approval, but Google has already said it "will only be accepting new customers that are migrating data to Google Cloud Platform." GCloud is also quadrupling its budget for an expanded sales force. --CIO DIVE

4. Industry figures are exploring a growing need to create the position of chief AI officer (CAIO) within organizations. Kohl's, Square, and eBay have AI teams, yet AI governance has not been elevated to the same level as a CIO position. At the same time, Aramark has hired a chief AI officer to steer its AI ship through automation's murky, hype-filled waters, and eBay has an AI governance team. In an eye-opening deep-dive, senior IT executives from Aramark, Square, Kohl's and eBay each elaborate on their new strategies. --TECHTARGET

5. Shake Shack has hired its first CIO to oversee "all aspects of technology." Randy Garutti, Shake Shack CEO, said the hire -- one of three other new roles in its C-suite expansion -- would be part of the company's push to connect in a more personalized way with customers and focus on building the support to foster innovation within the company. --AP

6. Two prominent female CISOs have solid advice for the few women in C-suite positions. The women have advice beyond "it's getting better" and discuss challenges to advancement, motivation in environments where there's still a lot of work to be done. --ZDNET

7. Contractors and company employees expose confidential and sensitive information online in 98 percent of organizations. Insider threat company Dtex Systems analyzed over 300,000 employee and contractor accounts to find that unsecured data exposure was primarily happening via Dropbox, Google, and Microsoft SharePoint. --BETANEWS

8. IT provides orgs more governance and control around new technologies than ever and this means the role of CIO is changing. Forrester Research's The Future of IT report released this week thinks only one in five of today's CIOs can handle the changes coming over the next three years. --INFORMATIONWEEK

9. A new survey shows that employers and workers have drastically different views on AI -- a gap revealing potential problems. In fact, 85% of workers don't think AI increases co-worker collaboration (by eliminating mundane tasks). --GARTNER

10. A network crash is more complex than ever, so this collection of advice from recovery architects is worth bookmarking. Includes advice on pre- or dynamically-provisioning different parts of your network, external-facing DNS, routers, and sorting out mission-critical priorities. --TECH REPUBLIC

This newsletter is curated and authored by author and reporter Violet Blue, who covers security and privacy for outlets ranging from CBS News and CNET to Financial Times and ZDNet. Ms. Blue has been featured on The Oprah Winfrey Show and CNN, she writes the Engadget column "Bad Password," and she is the author of The Smart Girl's Guide to Privacy. Violet is on the Advisory Board for privacy nonprofit Without My Consent and a member of the Internet Press Guild. Find her sharing thoughts on Twitter @violetblue.

Editing team: Lon Harris (editor-in-chief at, game-master at Screen Junkies) and Susmita Baral (editor at Inside, recent bylines in NatGeo, Teen Vogue, and Quartz. Runs the biggest mac and cheese account on Instagram).

Copyright ©, All rights reserved.

Our mailing address is:
767 Bryant St. #203
San Francisco, CA 94107

Did someone forward this email to you? Head over to to get your very own free subscription!

You received this email because you subscribed to Inside CTO/CIO. Click here to unsubscribe from Inside CTO/CIO list or manage your subscriptions.

Subscribe to Inside CTO/CIO